'Few organisations realise cyber tools' potential' - Dan Burns, CISO at Next

Keynote speaker at the Cybersecurity Festival 2024

'Few organisations realise cyber tools' potential' - Dan Burns, CISO at Next

Simply buying security isn't feasible in a world where threats change so quickly. Next CISO Dan Burns, keynote speaker at this year's Cybersecurity Festival, discusses defence must-haves in 2024.

In today's online world, protecting data is not only important for business continuity; it's an essential part of staying competitive.

Dan Burns, CISO at multinational retailer Next, has taken this lesson to heart, establishing and building the company's cyber operations over the past eight years - always with an eye on major threats.

Dan will be speaking about his experiences, and his expectations for cyber in the coming year, at Computing's Cybersecurity Festival in May, and we caught up with him for a sneak preview of his keynote speech. As the head of cyber at one of the UK's most well-known high street firms, there is no-one better placed to discuss the challenges and opportunities facing today's security professionals.

Computing: What is your experience in the cyber sector?

Dan Burns: I've spent the last eight years in the cyber field following an extensive career in IT (Infrastructure & Operations). During this time I established and built up Next's cyber security capability, including our Cyber Defence team (SOC, Threat, Red Team, Engineering), Security Architecture, IAM and GRC - or Governance Risk & Culture, as we know it.

What will you be speaking about at this year's Cybersecurity Festival?

I'll be sharing my thoughts on how we need to adapt our approach to cybersecurity in order to keep pace with the ever changing threat landscape.

Click here to register for the Cybersecurity Festival

What do you believe is the most significant cyber threat facing organisations this year?

I think that for most organisations, particularly the private sector, ransomware remains the most prevalent and significant threat. Whilst we've made huge inroads tackling this threat, there's clearly still a long way to go. A ransomware attack can have a huge impact, even on the most prepared organisation, and the groups behind them are continuously evolving, so we have to remain vigilant.

What is one security must-have (or must-do) in 2024?

Focus on your ways of working and making the very most of the capabilities you have today. These days most organisations have a fantastic array of technical cyber capabilities, yet I suspect few are realising their full potential. Now is the time to make sure you fully understand the threats most likely to target your organisation and concentrate on ensuring the tools you have at your disposal are effective at mitigating them.

The Cybersecurity Festival is our annual event bringing together the most knowledgeable and influential security and IT professionals from across the UK. Click here to see the agenda, or here to secure your free place.